tcpdump to capture irule processing

Question

Hey All&nbsp;
A quick question, tcpdump helps capture packets going in &amp; out on an IP configured part of the Big-IP config. Do we have a specific syntax of tcpdump which can be used to see how an irule is processing traffic / redirecting traffic to certain pool. &nbsp;
This is in respect irule for Exchange F5 config which does involve irule directing the traffic to certain pool based on service call ( oab /rpc / ews /autodiscover /) .&nbsp;
Please let me know your inputs/suggestions /thoughts&nbsp;

jaikumar_f5 · Answer

I aint sure that there's one as Irule deals with events,condition and action.
You can use log local0. "your statement to see if its executed".

boneyard · Answer

this article show how to enable extra information in the tcpdump: https://support.f5.com/csp/article/K13637&nbsp;
will this do what you want, i doubt it. i also don't see how that would work, from a tcpdump output point of view i don't see where should information would belong.&nbsp;

p_k · Answer

It depends on how often that irule is running. log local0. logs to your local appliance which will have the slightest possible impact. I wouldn't worry about this.  
yes.. you should see logs at /var/log/ltm or from GUI.( System -&gt; Logs -&gt; Local traffic)  
Nothing specific.  
Not that i know of. But you will do see redirects in the TCPDUMP by enabling advanced options.

Forum Discussion

tcpdump to capture irule processing

Recent Discussions

Background Tasks

APM with EntraID as idP / request signed

Should config via cli rather than gui?

APM Modern Customization - modify Header in user-common.js and form in user-logon.js

Which process is consuming higher CPU

Related Content

Tcpdump Capture

Decrypting BIG-IP Packet Captures without iRules

decrypted tcpdump capture without using an iRule using tshark

Decrypting BIG-IP Packet Captures Automatically

Automating Packet Captures on BIG-IP

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS